Fortinet white logo
Fortinet white logo

Administration Guide

Nuage SDN connector using server credentials

Nuage SDN connector using server credentials

You can use Nuage SDN connectors in dynamic firewall addresses.

The Fortinet SDN Connector for Cisco ACI and Nuage Networks is a standalone connector that connects to SDN controllers within Cisco ACI and Nuage Networks. You must configure a connection to the Fortinet SDN connector in FortiOS to query the dynamic addresses.

To configure a Nuage connector in the GUI:
  1. Create the Nuage SDN connector:
    1. Go to Security Fabric > External Connectors and click Create New.
    2. In the Private SDN section, click Nuage Virtualized Services Platform.
    3. Configure the settings as needed.
    4. Click OK.

  2. Create the dynamic firewall address for the connector:
    1. Go to Policy & Objects > Addresses and select Address.
    2. Click Create new.
    3. Configure the following settings:
      1. For Type, select Dynamic.
      2. For Sub Type, select Fabric Connector Address.
      3. For SDN Connector, select the Nuage connector.
      4. Configure the remaining settings as needed.
    4. Click OK.

To verify the SDN connector resolves the dynamic firewall IP addresses in the GUI:
  1. Go to Policy & Objects > Addresses.
  2. In the address table, hover over an address to view which IP addresses it resolves to.
To configure a Nuage connector in the CLI:
  1. Create the SDN connector:
    config system sdn-connector
        edit "nuage1"
            set type nuage
            set server "172.18.64.27"
            set server-port 5671
            set username "admin"
            set password xxxxxxx
        next
    end
  2. Create the dynamic firewall address for the connector:
    config firewall address
        edit "nuage-address1"
            set type dynamic
            set sdn "nuage1"
            set color 19
            set organization "nuage/L3"
            set subnet-name "Subnet20"
        next
    end
To verify the SDN connector resolves the dynamic firewall IP addresses in the CLI:
# diagnose firewall dynamic list

List all dynamic addresses:
nuage1.nuage.nuage/L3.Subnet20.*: ID(196)
        ADDR(192.168.20.92)
        ADDR(192.168.20.240)

Nuage SDN connector using server credentials

Nuage SDN connector using server credentials

You can use Nuage SDN connectors in dynamic firewall addresses.

The Fortinet SDN Connector for Cisco ACI and Nuage Networks is a standalone connector that connects to SDN controllers within Cisco ACI and Nuage Networks. You must configure a connection to the Fortinet SDN connector in FortiOS to query the dynamic addresses.

To configure a Nuage connector in the GUI:
  1. Create the Nuage SDN connector:
    1. Go to Security Fabric > External Connectors and click Create New.
    2. In the Private SDN section, click Nuage Virtualized Services Platform.
    3. Configure the settings as needed.
    4. Click OK.

  2. Create the dynamic firewall address for the connector:
    1. Go to Policy & Objects > Addresses and select Address.
    2. Click Create new.
    3. Configure the following settings:
      1. For Type, select Dynamic.
      2. For Sub Type, select Fabric Connector Address.
      3. For SDN Connector, select the Nuage connector.
      4. Configure the remaining settings as needed.
    4. Click OK.

To verify the SDN connector resolves the dynamic firewall IP addresses in the GUI:
  1. Go to Policy & Objects > Addresses.
  2. In the address table, hover over an address to view which IP addresses it resolves to.
To configure a Nuage connector in the CLI:
  1. Create the SDN connector:
    config system sdn-connector
        edit "nuage1"
            set type nuage
            set server "172.18.64.27"
            set server-port 5671
            set username "admin"
            set password xxxxxxx
        next
    end
  2. Create the dynamic firewall address for the connector:
    config firewall address
        edit "nuage-address1"
            set type dynamic
            set sdn "nuage1"
            set color 19
            set organization "nuage/L3"
            set subnet-name "Subnet20"
        next
    end
To verify the SDN connector resolves the dynamic firewall IP addresses in the CLI:
# diagnose firewall dynamic list

List all dynamic addresses:
nuage1.nuage.nuage/L3.Subnet20.*: ID(196)
        ADDR(192.168.20.92)
        ADDR(192.168.20.240)